2.3.4.2 Setting Up Remote Monitoring in MySQL Notifier

MySQL Notifier uses Windows Management Instrumentation (WMI) to
manage and monitor services on remote computers. This section
explains how it works and how to set up your system to monitor
remote MySQL instances.

In order to configure WMI, it is important to understand that the
underlying Distributed Component Object Model (DCOM) architecture
is doing the WMI work. Specifically, MySQL Notifier is using
asynchronous notification queries on remote Microsoft Windows
hosts as .NET events. These events send an asynchronous callback
to the computer running MySQL Notifier so it knows when a service
status has changed on the remote computer. Asynchronous
notifications offer the best performance compared to
semisynchronous notifications or synchronous notifications that
use timers.

Asynchronous notification requires the remote computer to send a
callback to the client computer (thus opening a reverse
connection), so the Windows Firewall and DCOM settings must be
properly configured for the communication to function properly.

Figure 2.21 MySQL Notifier Distributed Component Object Model (DCOM)

Most of the common errors thrown by asynchronous WMI notifications
are related to Windows Firewall blocking the communication, or to
DCOM / WMI settings not being set up properly. For a list of
common errors with solutions, see
Common Errors.

The following steps are required to make WMI function. These steps
are divided between two machines. A single host computer that runs
MySQL Notifier (Computer A), and multiple remote machines that are
being monitored (Computer B).

Computer running MySQL Notifier (Computer A)

Enable remote administration by either editing the
Group Policy Editor, or using
NETSH:

Using the Group Policy Editor:

Click Start, click
Run, type
GPEDIT.MSC, and then click
OK.

Under the Local Computer Policy
heading, expand Computer
Configuration.

Add the client application that contains the sink for the
callback (MySqlNotifier.exe) to the
Windows Firewall Exceptions List (use either the Windows
Firewall configuration or NETSH):

Using the Windows Firewall configuration:

In the Control Panel, double-click Windows
Firewall.

In the Windows Firewall window's left panel, click
Allow a program or feature through Windows
Firewall.

In the Allowed Programs window, click Change
Settings and do one of the following:

If MySqlNotifier.exe is in the
Allowed programs and features list, make sure it is
checked for the type of networks the computer
connects to (Private, Public or both).

If MySqlNotifier.exe is not in
the list, click Allow another
program....

In the Add a Program
window, select the
MySqlNotifier.exe if it
exists in the Programs list, otherwise click
Browse... and go to the directory where
MySqlNotifier.exe was
installed to select it, then click
Add.

Make sure MySqlNotifier.exe
is checked for the type of networks the computer
connects to (Private, Public or both).

Using the NETSH command:

Open a command prompt window with Administrative rights
(you can right-click the Command Prompt icon and click
Run as Administrator).

Execute the following command, where you change
"[YOUR_INSTALL_DIRECTORY]":

If Computer B is either a member of
WORKGROUP or is in a different domain
that is untrusted by Computer A, then the callback
connection (Connection 2) is created as an Anonymous
connection. To grant Anonymous connections DCOM Remote
Access permissions:

In the Access Permission dialog box, select
ANONYMOUS LOGON name in the Group
or user names box. In the Allow column under Permissions
for User, select Remote Access, and
then click OK.

Monitored Remote Computer (Computer B)

If the user account that is logged on to the computer running
the MySQL Notifier (Computer A) is a local administrator on the
remote computer (Computer B), such that the same account is an
administrator on Computer B, you can skip to the "Allow for
remote administration" step.

Setting DCOM security to allow a non-administrator user to
access a computer remotely:

Grant "DCOM remote launch" and activation permissions for a
user or group:

In the Launch and Activation
Permission dialog box, follow these steps if
your name or your group does not appear in the Groups or
user names list:

In the Launch and Activation
Permission dialog box, click
Add.

In the Select Users or Groups dialog box, add your
name and the group in the Enter the object
names to select box, and then click
OK.

In the Launch and Activation
Permission dialog box, select your user and
group in the Group or user names box. In the Allow
column under Permissions for User, select
Remote Launch, select
Remote Activation, and then click
OK.

Common Errors

The remote computer (Computer B) is a member of
WORKGROUP or is in a domain that is untrusted by the
client computer (Computer A) (see Computer A, the
Grant Anonymous connections DCOM Remote Access
permissions step).

0x8007000E

The remote computer (Computer B) is a member of
WORKGROUP or is in a domain that is untrusted by the
client computer (Computer A) (see Computer A, the
Grant Anonymous connections DCOM Remote Access
permissions step).